A question about AVZ and OSAM

I'm fanboy 01 and this is my first post on Wilders! I decided to join the Wilders community simply because I have an interest in PC security. I've been lurking around Wilders for the past several months and I must say that this is a very awesome website. Keep up the good work Paul!

Anyway, I wanted to ask a question about two particular security apps. These two apps are Online Solutions Autorun Manager and AVZ Anti-viral toolkit.

I did some research about these two apps and I found both apps intriguing. I was going to give the two apps a try until I ran into some "complications".

I'll start with AVZ. I researched AVZ on some download websites and I saw some comments about a possible virus lurking within AVZ. Here are the comments I could find:

From portablefreeware: (http://www.portablefreeware.com/?id=1530)
Edwin: AVZ put a file called "utmyntkw.sys" in c:\windows\system32\driver.
Panda tells me that this file has the rootkit/bagle.uv in it. [2010-02-09 19:38]

bajaatan: Spybot (Tea timer) sees this program as Dropper.4Maximus and terminates the process. Earlier version didn't have this problem [2010-07-12 06:44]

fman
January 16th, 2009 at 2:40 am
I am also always on the lookout for a good startup organizer/manager. This one is great thanks.
btw, I notice you removed my reply. After updating nod32 keeps warning me but it’s probably a false positive.

gamamew
January 16th, 2009 at 5:30 am
My NOD 32 detects the portable version as ”probably a variant of Win32/Packed.Themida application”.

I’m concerned about trying the installable version too.

Usman
January 20th, 2009 at 2:00 pm
It’s great software but I cannot download it as my ESET antivirus is showing that it contains a virus. My antivirus is showing that it contains the Win32/Packed.Themida virus. Can you please tell me whether it is safe to ignore this warning message?

I downloaded the RAR version of OSAM and submitted it to virustotal and it alerted some of the scanners. I unpacked the files from the RAR and I submitted each individual file through virustotal (there were only 9 files) and the only file that alerted scanners was the actual OSAM executable. I provided a link of the virustotal report.

Now, the dumb thing is that I'm pretty sure that these files are false positives due to the fact that I haven't read many complaints about possible viruses within these two apps (one user on virustotal rated the OSAM.exe as goodware!) and the fact that I've seen Wilders users using these apps themselves!

The simple thing I want to know is that these are false positives, right? I would appreciate if anybody could verify that both OSAM and AVZ are 100% safe and virus free.

Even though I have a very strong hunch that both OSAM and AVZ are false positives (I know that AVZ was developed by a Kaspersky worker and heard that the functions of AVZ were built into Kaspersky's own antivirus!), I'm just trying to be "better safe than sorry". Hey, you never know when a good security app will turn bad and join the dark side (i.e., Firefox add-ons like Ghostery and TACO, a legitimate anti-malware app that has become crippleware or a rogue).

If you are concerned about the website from where you download AVZ, you can download AVZ directly from Kaspersky's website.

I will avoid giving a direct download link for AVZ. Instructions: Click on the download link for the "Kaspersky Virus Removal Tool 2010". Cancel the download when you get the download prompt. Go to the web browser URL and delete the "AVPTool/" portion of the URL and hit enter. Select the AVZ folder. Click on the AVZ4.zip download link.

Some time back Prevx reported something malicious about AVZ. I contacted Prevx support and they indicated that it was not Malware. It was just something about AVZ that looked like Malware. Also, I think that "Sophos" reported AVZ as Malware, but when AVZ was uploaded to them it was reported by Sophos to be a false positive. So I assume that AVZ is non-Malicious, especially if you get it directly from Kaspersky's website.

Shortly after posting this question, I decided "Oh, what the hell" (I went along with my hunch) and came to the conclusion that both AVZ and OSAM are false positives. Thank you TheKid7 for mentioning that you can download AVZ from Kaspersky's website. I had no idea. I should've thought about that when I knew AVZ was Kaspersky technology *facepalm*